Organizations are racing to reap the benefits of digitization, fuelled by trends such as mobility, IoT, cloud, and advanced analytics. The key to these benefits is adapting networks to operate at digital speeds and keeping them secure against threats. However, today, sophisticated threats can hide in network blind spots, extracting sensitive information and lying undetected on average between 100 to 200 days, thereby causing millions in damage! Even when organisations know their network is compromised, they don’t always know where it’s happening and how, making them susceptible to network abuse and insider threats.
The Need for Visibility
In short, you cannot protect against what you cannot see! Network security solutions that are configured to standard “default” policies are blind to changes on the network. As new systems and applications emerge, most security systems won’t even notice, let alone respond. Network behaviour- such as unexpected connections and sessions, an important sign of a possible breach- often pass unnoticed.
To be agile and provide true protection, security teams need total network visibility, including physical and virtual hosts, operating systems, applications, services, protocols, users, content, network behaviour as well as network attacks and malware.
Cisco Stealthwatch + ISE
At Help AG, we have been working closely with our partner Cisco to deploy technology to fix the issue of visibility. Their Stealthwatch solution uncovers threats across the network, even if these bypass perimeter defences, and their Identity Services Engine (ISE) collects the identity of every device and user trying to access the network. Through our expert combination, implementation and configuration of these two solutions, we give organizations a 360° view, enabling them to respond to threats faster, and secure their growing digital business.
Working together, these solutions, that transform your network into an end-to-end sensor and enforcer that can detect and stop sophisticated security issues. Research conducted by Forrester, has shown that companies that deploy these solutions find their network security remediation time reduced 200 hours for each major event and 3 hours for each minor issue. When you include the potential business cost of an attack, these solutions can help protect networks and data adding up to nearly $1.9million in time savings!
At Help AG we engage with our customers to help them nderstand their network by providing visibility in a readable form of network conversation, including east-west and north-south traffic by simply installing Flow Collector and Stealthwatch Manager Centre.
Flow Collector is heart of the solution; all the network devices send NetFlow data to Flow Collector platform which analyses data using algorithms, The Stealthwatch console then displays data in the form of graphs and alerts about any suspicious activity inside the network.
Automation is the key to the future of Cyber Security. Once threats or vulnerable endpoints have been identified by Stealthwatch behaviour analysis algorithms, we need protection to be implemented to prevent attack from progressing further into the lifecycle. Integrating Stealthwatch with Cisco Identity service engine automates remediation of vulnerable assets from the network.
At Help AG we have dedicated consultants working on use cases of correlation and remediation which can be considered as base line policy for any network.
See what risks exist on your network with our 2-week Security Visibility Assessment.
Divjot Arora, Solutions Architect, Help AG